A friend of mine recently went on a trip to Amsterdam, as he often does. He tweeted that the airport WiFi promoted the use of VPNs - so I asked for some screenshots, and he kindly provided. I was ready to be pleased to see Schipol Airport promoting security concepts for open WiFi, but then I noticed the sponsorship...

jIYVD6gF

PqCw-EwX

I'm now unsure what to think. On the one hand promoting the basic idea of securing yourself on an otherwise trustless WiFi connection is great. The more people are informed about the risks associated with public WiFi the better. However there are a few problems...

It's complimentary WiFi so advertising is fine, but delivering a message to download one specific app did irk me slightly. That said, there is an 'Alternative Providers' section although I can't see if other tools were directly linked to or just 'mentioned'.

My strongest unease is that it promotes what security folk call 'bad behaviours' from the public. Members of the public essentially receive this message...

You're at risk using this network. If you inherently trust us, download this (for now) free tool and you'll be safe.

F-Secure is a known brand, and more or less 'trustworthy', which is probably why they are allowed to advertise within the airport. The problem comes when the user installs the app and is notified that they're now operating across a secure link; the next time they join any open WiFi and receive a similar message to 'just download this app for good things to happen', they may well do so. At this point its no different in base principle to the old flash adverts Web Browsers got saying 'Your PC is at risk! Click here to start a free virus scan!'. If it's a free VPN service - traffic could be sniffed. A free virus scan? Data could be stolen...

The big question is, would users download and install the app if I told them that all their data begins flying through F-Secure's servers?